Carrier IQ: spying on hundreds of millions of phones, including yours!


freeiq

Carrier IQ

If you have a phone, this article is for you. Carrier IQ, a cellular software developer has been installing snooping apps on phones for some time. A proud banner displayed on their site counts furiously into the clouds with over 141 million devices INFECTED with their innocuous software as of this article.

So what is it? A good reason to root your phone.

That’s a good question. Essentially a root-kit or application that has full root access and is built into the operating system on your favorite mobile device. Not just Android either, various other devices are confirmed as included in CIQ’s grasp, including Blackberry and Nokia devices.

This isn’t some app that texts your cookies to some overseas spynet server. The company markets it’s software as a method for your service provider to monitor and manage network traffic and various user data. HTC and Samsung  devices come pre-equipped with CIQ saddle-bagged right into the operating system.

What are you gonna do with that probe?

Imagine being abducted, and aliens implant something in your brain. Only this is your phone, and they don’t need your brain. Plus no need to fly across the world looking for you, the device you hold is one you went out and bought. So now it sets in your hands while you are enjoying private text messages with that significant someone. Be careful what you do, you are being watched.

Press a key in the dialer, and it is logged. Open an app, send or receive sms messages, answer a call, even screen on and off is captured. It gets more invasive by reading urls, media and location data logging, and screen touch location capturing.

Credit for discovering how deep Carrier IQ is integrated goes to some curious developers over at XDA, TrevE and Konane. While digging into devices to tweak speed and remove bulk, these guys stumbled upon a dirty little secret. While the software is embedded into the core of the operating system, everything is disabled by default. The main focus is the ability to monitor network usage to better control and maintain your cellular network. However, what they discovered was more than network monitoring. And it can all be activated and monitored remotely.

Can’t I just turn it off?

No. It must be removed. And unless you are rooted, it’s just not an option. You have no voice in the matter. The software is marketed as a systems administrator tool. However, it logs everything you do constantly, pipes the information to a portal and it is sold. Thats where things get unclear.

And what’s more, the actual carriers have little to say on the matter. Although Sprint denied reports of CIQ being present on their handsets, developers were hard at work removing it from their roms. Verizon now allows you to opt out from data sharing, but you cannot disable the software from collecting information.

Even a device that isn’t activated can upload your activities to them. There is literally no way out without removing it yourself or installing a custom rom already stripped. However, there are methods of removing it from your Android device via XDA, available now.

Should I be worried?

Yes. While the main point may to deliver better bandwitdh and network access to users like you and I, the security issues here far outweigh the benefits. And while most users will not ever experiment with rooting, if you have the capabilities or access to CIQ removed roms, I highly recommend removing it.

If your security can be compromised by clicking links in a phishing scam, leaving the backdoor open for neighborhood criminals is probably a bad idea. Malicious intentions or not, you literally have no way to protect yourself.

Check out the guides provided by TrevE or Konane at XDA for more information.

The plot thickens…

So TrevE has posted some documents he found on CarrierIQ’s website which are mostly marketing documents, various details telling of how powerful their tool is for systems administration. However, the folks behind this code have served a nasty cease-and-desist letter and attempted to slap some duct-tape on his mouth. Thankfully, the Electronic Frontier Foundation jumped to his defense and responded with a big take-a-hike!

Carrier IQ has since removed said documents from their site and still their proud banner tics away, up a few hundred devices from when I began typing. Headquartered in Mountain View, they have poisoned our Google deserts.

Fight for your rights…

Cyanogenmod, MIUI and the other AOSP roms do not contain CIQ, and many roms have been cleaned of it’s greasy fingerprints. Simply rooting your phone and installing a custom rom will release you from this disease and cure the hangover. Just stay away from stolen apps from sleazy markets! And keep your phone up-to-date. That Google Wallet is tied to your bank account!

Eric Pfister
Tags , , , , , , , , , , , , , , , , , , ,

I am a Service Writer and Systems Administrator in the automotive industry with about a decade of IT service.

Related posts

  • Eric

    Update: “rootkit” maker, CarrierIQ appologizes, but still infects more, even on Holidays! Thanks to the EFF, they are singing a new tune… So maybe we do have a voice in the matter….

Top